Tobias DiPasquale on 1 Dec 2003 15:38:02 -0500



Re: [PLUG] iptables question


On Mon, 2003-12-01 at 13:44, Ian Reinhart Geiser wrote:
> 	Basically I have an iptables based firewall running on debian stable.  I am 
> already forwarding ports with success but now I would like to do port 
> redirection based on the hostname requested.  IE, ssh to 
> cvs.kdedevelopers.org currently gives me the firewall... but I would like to 
> have it forward to the system that hosts cvs.kdedevelopers.org that lies on a 
> private IP.  Can I do this without changing the port SSH is on the firewall?

The TCP/IP packet contains no hint or trace of a DNS hostname. You will
be unable to determine the host desired from an incoming TCP/IP packet.
If you want to have ssh be NAT'd to another internal machine, all ssh
requests will have to go to that machine (by NAT'ing requests for TCP
port 22 to the IP address of the internal machine, as well as NAT'ing
the resultant outgoing ssh traffic).

-- 
Tobias DiPasquale, www.cbcg.net
202A 04C4 2CE6 B985 8520  88D6 CD25 1A6C B9B5 1595

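The port-22 NAT described in the reply, as an added example that is not part of the original message: a shell helper that prints the iptables rules for review instead of applying them. The function names, the interface `eth0` and the address `192.168.1.10` are assumptions; the optional third argument goes slightly beyond the reply by matching on a destination IP, the only per-host distinction a packet offers.

```shell
#!/bin/sh
# Added example, not from the original message. It only prints the iptables
# commands for review; nothing is applied to the running firewall.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# ssh_dnat_rules WAN_IF INTERNAL_IP [PUBLIC_IP]   (hypothetical helper)
# The rules can match only what the packet carries: interface, protocol,
# addresses and ports. PUBLIC_IP narrows the match to one destination
# address, which helps only if the hostname resolves to its own public IP.
ssh_dnat_rules() {
    wan_if=$1; internal_ip=$2; public_ip=${3:-}
    case "$wan_if" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 2 ;;
    esac
    is_ipv4 "$internal_ip" || { echo "internal address must be IPv4" >&2; return 2; }
    match=""
    if [ -n "$public_ip" ]; then
        is_ipv4 "$public_ip" || { echo "public address must be IPv4" >&2; return 2; }
        match=" -d $public_ip"
    fi
    # Rewrite the destination before routing. Connection tracking applies the
    # reverse translation to the replies, so they need no nat rule of their own.
    echo "iptables -t nat -A PREROUTING -i $wan_if -p tcp$match --dport 22 -j DNAT --to-destination $internal_ip:22"
    # Allow the translated connections, then their replies, through FORWARD.
    echo "iptables -A FORWARD -i $wan_if -p tcp -d $internal_ip --dport 22 -m state --state NEW -j ACCEPT"
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed values: eth0 faces the Internet, 192.168.1.10 is the internal host.
ssh_dnat_rules eth0 192.168.1.10
```

Without the destination-IP argument, every inbound port-22 connection on the outside interface goes to the internal host, so the firewall's own sshd is no longer reachable on that port from outside.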